Ics-cert Lcds Laquis Scada
7 CVEs affecting Ics-cert Lcds Laquis Scada. Latest disclosed: 2019-02-05. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-18998 | Critical | 9.8 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges. |
CVE-2018-18996 | Critical | 9.8 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute re… |
CVE-2018-18992 | High | 8.8 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the… |
CVE-2018-18988 | High | 8.8 | 2019-02-01 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may allow remote code exe… |
CVE-2018-19000 | Medium | 5.3 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data. |
CVE-2018-18990 | Medium | 5.3 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerab… |
CVE-2018-19004 | Low | 3.3 | 2019-02-01 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows out of bounds read when opening a specially crafted project file, which may allow data exfiltration. |